Slides and demo videos for the talk that @antitree.com and I gave at the last @shmoocon.bsky.social on entitled, " "A Commencement into Real #Kubernetes Security!"
Demos include use of Mark's brand new tool, as well as of Peirates.
https://www.canva.com/design/DAGZrMSnRv4/ZGU-7Y15NvSHO0ivXNfU9w/view?utm_content=DAGZrMSnRv4&utm_campaign=designshare&utm_medium=link2&utm_source=uniquelinks&utlId=h1461623101
1/9
Demos include use of Mark's brand new tool, as well as of Peirates.
https://www.canva.com/design/DAGZrMSnRv4/ZGU-7Y15NvSHO0ivXNfU9w/view?utm_content=DAGZrMSnRv4&utm_campaign=designshare&utm_medium=link2&utm_source=uniquelinks&utlId=h1461623101
1/9
Comments
Physical world: we think terrorists & gun crime to be the greatest risks, but not really - think cancer & heart disease.
#Kubernetes: we think CVEs & container breakout sploits, but it's overpriv RBAC, priv ctrs & kubectl delete in the wrong cluster. 2/9
https://github.com/antitree/seccomp-diff
3/9
https://cloud.google.com/blog/products/containers-kubernetes/gvisor-file-system-improvements-for-gke-and-serverless
4/9
"Exploring the University Data Science Cluster"
https://youtu.be/-uFGJzaZ7XI
5/9
https://inguardians.com/peirates/
6/9
7/9